mkrug1981 commented on issue #7089:
URL:
https://github.com/apache/trafficcontrol/issues/7089#issuecomment-1259362218
What I have tried already is to try and set a certificate via keyStore file
with **CN=default.invalid**
`[root@sn-tr0001-blstg conf]# keytool -list -v -keystore
/opt/traffic_router/conf/keyStore.jks
Enter keystore password:
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 1 entry
Alias name: sn-tr0001-blstg
Creation date: 26 Sep 2022
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=default.invalid, OU=APIDefault, O=Apache Traffic Control,
L=Denver, ST=Colorado, C=US
Issuer: CN=default.invalid, OU=APIDefault, O=Apache Traffic Control,
L=Denver, ST=Colorado, C=US
Serial number: 7816ef6f
Valid from: Mon Sep 26 19:55:54 UTC 2022 until: Thu Sep 23 19:55:54 UTC 2032
Certificate fingerprints:
SHA1: A7:8A:35:BE:9F:76:3E:C8:36:98:3A:A8:74:63:2E:78:24:34:30:00
SHA256:
9A:F3:0A:13:3E:33:FE:5F:B5:38:C4:ED:27:A8:81:BC:70:6F:A9:6C:9C:A8:82:06:A7:F4:01:F4:05:2B:51:5D
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3`
Unfortunately I still get the certificate back which the java code generates
during TR startup
[trafficcontrol/traffic_router/connector/src/main/java/org/apache/traffic_control/traffic_router/secure/CertificateRegistry.java](https://github.com/apache/trafficcontrol/blob/070df30363152ce63aa4111e7ad7678ca6c1d280/traffic_router/connector/src/main/java/org/apache/traffic_control/traffic_router/secure/CertificateRegistry.java#L81-L129)
**curl Examples:**
--- 1st the CN from the certificate
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
